On 4/30/14 10:53 AM, Jürgen Schmidt wrote:
> Hi,
>
> for AOO 3.4 we had already discussed and later on reverted a change to
> enable the ODF Document encryption AES-256 by default.
>
> Some time ago I played with a new option field to allow the user to
> enable this option as new default, see [1]
>
> By default the office still uses the old blowfish algorithm but with
> this new option the user can enable the ODF 1.2 encryption. Well it is a
> minimal change to improve the current situation and allow the user to
> make use of what we already have.
>
> What does it mean in detail when we integrate this change?
>
> 1. No change as long as this option is not enabled
> 2. Option enabled and ODF 1.2 encryption is now default
> 2.1 New documents stored with password can't be loaded on older office
> versions

-> stored with the new ODF 1.2 encryption

And Oliver pointed out that AOO 3.4 of course is already able to read such documents

> 2.2 New or existing documents stored in older versions can still be
> loaded in the new office with the old blowfish encryption
> 2.3 Documents stored in older version (with the old algorithm) and
> loaded in the new office work as expected. Changes made in the document
> and stored with the new office still use the old algorithm and the
> document can later on be opened in older office versions.
>
> From my point of view there is still room for improvements but it is a
> first useful step to move forward to a more secure algorithm and give
> the user the opportunity to tweak the settings in the preferred way.
>
> I would like to propose to integrate this change and test it how well it
> works.
>
> Any opinions? Well keep in mind it is a minimal enhancement to make use
> of what we already have. There is still room for improvements ...
>
>
> Juergen
>
>
> [1] http://people.apache.org/~jsc/test/encryption_aes256_odf12.png
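The compatibility cases in the quoted proposal depend on which algorithm a given document was stored with. The following added example (not part of the original thread and not AOO code) reads a package's META-INF/manifest.xml and labels each encrypted entry as legacy Blowfish or ODF 1.2 AES-256. The manifest element names and algorithm identifiers are taken from the ODF package format rather than from this message, and the sample packages are constructed.

```python
import io
import zipfile
import xml.etree.ElementTree as ET  # for untrusted files, prefer defusedxml

# Identifiers from the ODF package manifest format (assumed, not from the thread).
NS = "urn:oasis:names:tc:opendocument:xmlns:manifest:1.0"
M = "{%s}" % NS
LEGACY = "Blowfish CFB"
AES256 = "http://www.w3.org/2001/04/xmlenc#aes256-cbc"


def classify(algorithm_name):
    """Map a manifest:algorithm-name value to a coarse label."""
    return {LEGACY: "legacy-blowfish", AES256: "odf12-aes256"}.get(
        algorithm_name, "unknown")


def encryption_report(odf_bytes):
    """Return {entry path: label} for every encrypted entry in the package."""
    with zipfile.ZipFile(io.BytesIO(odf_bytes)) as zf:
        root = ET.fromstring(zf.read("META-INF/manifest.xml"))
    report = {}
    for entry in root.iter(M + "file-entry"):
        alg = entry.find(M + "encryption-data/" + M + "algorithm")
        if alg is not None:  # unencrypted entries carry no encryption-data
            report[entry.get(M + "full-path")] = classify(
                alg.get(M + "algorithm-name"))
    return report


def make_sample(algorithm_name=None):
    """Build a constructed, minimal package; None means no encryption."""
    enc = ""
    if algorithm_name:
        enc = ('<manifest:encryption-data><manifest:algorithm '
               'manifest:algorithm-name="%s"/></manifest:encryption-data>'
               % algorithm_name)
    manifest = ('<manifest:manifest xmlns:manifest="%s">'
                '<manifest:file-entry manifest:full-path="content.xml" '
                'manifest:media-type="text/xml">%s</manifest:file-entry>'
                '</manifest:manifest>' % (NS, enc))
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/manifest.xml", manifest)
    return buf.getvalue()


if __name__ == "__main__":
    for name in (LEGACY, AES256, None):
        print(name, "->", encryption_report(make_sample(name)))
```

Running `encryption_report` over real documents (read as bytes) shows which ones would still be stored with the old algorithm on re-save, as case 2.3 describes.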
